Website Security News
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities…
Read More about From .tk Redirects to PushKa Browser Notification Scam
If we navigate way back into the recesses of our memory to the era of GeoCities websites and MySpace pages, we might distinctly recollect the popularity of the visitor-counting widget….
Read More about Free SuperCounters Widget Serves Unwanted Redirects to Dating Site
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers…
Read More about A Scam-Free Cyber Monday for Online Businesses
Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of…
When Twitter announced their new design for “Tweet” and “Follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the new design came with a decision to…
Read More about Malicious Redirects from NewShareCounts.com Tweet Counter
It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to tell, etc. But what if…
Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic…
Read More about How to Improve Website Resilience for DDoS Attacks – Part I
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon…
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But…
Read More about Malicious Activities with Google Tag Manager
Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs Note. The campaign attempts…
Read More about Reverse Javascript Injection Redirects to Support Scam on WordPress
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns…
Read More about How to Avoid Malicious Cyber Monday Campaigns
